Don't allow IP addresses on ports enslaved in bonds or bridges

Ticket: CM-5146 Reviewed By: roopa,jtoppins Testing Done: built new ifupdown package and ran testifupdown2 suite of tests This patch prevents enslaved interfaces from having IP addresses. (cherry picked from commit 0c00606fbc76db11557a8e946310e93a2b376aa7) (cherry picked from commit dc30987acfc6af356b9e055db95d94ae45f0de9f)
2024-05-06 15:54:50 +00:00 · 2015-06-02 20:35:08 -04:00
parent 3d44fbd0c9
commit 0a3bee28ca
7 changed files with 44 additions and 1 deletions
--- a/addons/address.py
+++ b/addons/address.py
@ -104,6 +104,11 @@ class address(moduleBase):
        newaddrs = []
        addrs = ifaceobj.get_attr_value('address')
        if addrs:
+            if ifaceobj.role & ifaceRole.SLAVE:
+                # we must not configure an IP address if the interface is enslaved
+                self.log_warn('interface %s is enslaved and cannot have an IP Address' % \
+                              (ifaceobj.name))
+                return
            # If user address is not in CIDR notation, convert them to CIDR
            for addr_index in range(0, len(addrs)):
                addr = addrs[addr_index]
--- a/addons/bridge.py
+++ b/addons/bridge.py
@ -219,7 +219,8 @@ class bridge(moduleBase):
            return None
        if ifaceobj.link_type != ifaceLinkType.LINK_NA:
           ifaceobj.link_type = ifaceLinkType.LINK_MASTER
-        ifaceobj.link_kind = ifaceLinkKind.BRIDGE
+        ifaceobj.link_kind |= ifaceLinkKind.BRIDGE
+        ifaceobj.role |= ifaceRole.MASTER
        ifaceobj.dependency_type = ifaceDependencyType.MASTER_SLAVE
        return self.parse_port_list(ifaceobj.get_attr_value_first(
                                    'bridge-ports'), ifacenames_all)
--- a/addons/ifenslave.py
+++ b/addons/ifenslave.py
@ -128,6 +128,9 @@ class ifenslave(moduleBase):
        ifaceobj.priv_data = list(slave_list)
        if ifaceobj.link_type != ifaceLinkType.LINK_NA:
           ifaceobj.link_type = ifaceLinkType.LINK_MASTER
+        ifaceobj.link_kind |= ifaceLinkKind.BOND
+        ifaceobj.role |= ifaceRole.MASTER
+
        return slave_list

    def get_dependent_ifacenames_running(self, ifaceobj):
--- a/addons/vlan.py
+++ b/addons/vlan.py
@ -95,6 +95,7 @@ class vlan(moduleBase):
    def get_dependent_ifacenames(self, ifaceobj, ifaceobjs_all=None):
        if not self._is_vlan_device(ifaceobj):
            return None
+        ifaceobj.link_kind |= ifaceLinkKind.VLAN
        return [self._get_vlan_raw_device(ifaceobj)]

    def _bridge_vid_add_del(self, ifaceobj, bridgename, vlanid,
--- a/addons/vxlan.py
+++ b/addons/vxlan.py
@ -36,6 +36,12 @@ class vxlan(moduleBase):
        moduleBase.__init__(self, *args, **kargs)
        self.ipcmd = None

+    def get_dependent_ifacenames(self, ifaceobj, ifaceobjs_all=None):
+        if not self._is_vxlan_device(ifaceobj):
+            return None
+        ifaceobj.link_kind |= ifaceLinkKind.VXLAN
+        return None
+
    def _is_vxlan_device(self, ifaceobj):
        if ifaceobj.get_attr_value_first('vxlan-id'):
            return True
--- a/ifupdown/iface.py
+++ b/ifupdown/iface.py
@ -22,10 +22,28 @@ class ifaceType():
    IFACE = 0x1
    BRIDGE_VLAN = 0x2

+
+class ifaceRole():
+    """ ifaceRole is used to classify the ifaceobj.role of
+        MASTER or SLAVE where there is a bond or bridge
+        with bond-slaves or bridge-ports.  A bond in a bridge
+        is both a master and slave (0x3)
+    """
+    UNKNOWN = 0x0
+    SLAVE = 0x1
+    MASTER = 0x2
+
 class ifaceLinkKind():
+    """ ifaceLlinkKind is used to identify interfaces
+        in the ifaceobj.link_kind attribute. Dependents of the bridge or
+        bond have an ifaceobj.role attribute of SLAVE and the bridge or
+        bond itself has ifaceobj.role of MASTER.
+    """
    UNKNOWN = 0x0
    BRIDGE = 0x1
    BOND = 0x2
+    VLAN = 0x4
+    VXLAN = 0x8

 class ifaceLinkType():
    LINK_UNKNOWN = 0x0
@ -260,6 +278,7 @@ class iface():
        self.type = ifaceType.UNKNOWN
        """interface type"""
        self.priv_data = None
+        self.role = ifaceRole.UNKNOWN
        self.realname = None
        self.link_type = ifaceLinkType.LINK_UNKNOWN
        self.link_kind = ifaceLinkKind.UNKNOWN
@ -455,6 +474,7 @@ class iface():
        del odict['env']
        del odict['link_type']
        del odict['link_kind']
+        del odict['role']
        del odict['dependency_type']
        return odict

@ -469,6 +489,7 @@ class iface():
        self.upperifaces = None
        self.linkstate = None
        self.env = None
+        self.role = ifaceRole.UNKNOWN
        self.priv_flags = 0
        self.module_flags = {}
        self.raw_config = []
--- a/ifupdown/ifupdownmain.py
+++ b/ifupdown/ifupdownmain.py
@ -439,6 +439,9 @@ class ifupdownMain(ifupdownBase):
                else:
                    del_list.append(d)
                if ni:
+                    if upperifaceobj.link_kind & \
+                           (ifaceLinkKind.BOND | ifaceLinkKind.BRIDGE):
+                        ni.role |= ifaceRole.SLAVE
                    ni.add_to_upperifaces(upperifaceobj.name)
                    if upperifaceobj.link_type == ifaceLinkType.LINK_MASTER:
                        ni.link_type = ifaceLinkType.LINK_SLAVE
@ -446,6 +449,9 @@ class ifupdownMain(ifupdownBase):
                for di in dilist:
                    di.inc_refcnt()
                    di.add_to_upperifaces(upperifaceobj.name)
+                    if upperifaceobj.link_kind & \
+                           (ifaceLinkKind.BOND | ifaceLinkKind.BRIDGE):
+                        di.role |= ifaceRole.SLAVE
                    if upperifaceobj.link_type == ifaceLinkType.LINK_MASTER:
                        di.link_type = ifaceLinkType.LINK_SLAVE
        for d in del_list: